COMMAND

    vlock (+ magic SysRQ key)

SYSTEMS AFFECTED

    RedHat

PROBLEM

    Luis M. Cruz found the following.  You can kill vlock (and similar
    programs that lock all Linux consoles) with the Alt+SysRq+k key
    combination on Linux 2.2.X and 2.3.X (if you enabled magic keys
    when you compiled the kernel).  Someone could therefore bypass the
    console locking, and although he cannot access the session where
    vlock was executed (because it has been killed), he can access
    any other sessions that may be open on other consoles.  So, if you
    have enabled the magic keys, using "vlock -a" is not secure!

    Magic SysRq is in the "kernel hacking" section.  If you enable it
    and you are not a kernel hacker, you lose.  (If you are a kernel
    hacker, you certainly don't want mere mortals to access your
    console, do you?)  Read the help entry:

    CONFIG_MAGIC_SYSRQ
      If you say Y here, you will have some control over the system even
      if the system crashes for example during kernel debugging (e.g., you
      will be able to flush the buffer cache to disk, reboot the system
      immediately or dump some status information). This is accomplished
      by pressing various keys while holding SysRq (Alt+PrintScreen). The
      keys are documented in Documentation/sysrq.txt. Don't say Y unless
                                                      !!!!!!!!!!!!!!!!!!
      you really know what this hack does.
      !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

SOLUTION

    CONFIG_MAGIC_SYSRQ is enabled by default in the 2.2.5 kernel which
    is shipped with RedHat-6.0.  In the 2.2.5-22 kernel (the last
    version in updates/) arch/i386/defconfig also has
    CONFIG_MAGIC_SYSRQ enabled.  The most interesting part is that the
    standard kernel distribution (linux-2.2.5.tar.gz) doesn't have
    SYSRQ enabled - it was set to "y" by RedHat (probably during
    beta-testing), and is "y" for all architectures.  So, those who
    use RedHat don't even have to say "Y" and decide if they are
    hackers or not - the decision was made for them beforehand.

    According to the 2.2.11 changelog, Magic SysRq can be enabled /
    disabled at runtime.  The kernel source tree from Slackware 4.0,
    though, is pristine 2.2.6, so any home-made kernels will have
    SysRq turned off by default.
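
    Added example (not part of the original advisory): a shell check
    for whether the Alt+SysRq+k bypass described above applies to a
    host.  The default paths /boot/config-$(uname -r) and
    /proc/sys/kernel/sysrq, the function names and the sample files
    are assumptions; the bitmask handling covers later kernels and
    goes beyond the 2.2.X case in the text.

```shell
#!/bin/sh
# Added example, not from the advisory: does Alt+SysRq+k work on this host?
# Default paths are assumptions about the host; pass copies to audit offline.

# Succeeds if the runtime value permits the 'k' (SAK) key: 1 enables every
# function; on later kernels the value is a bitmask and 4 (keyboard control)
# is the bit that covers 'k'.
sak_allowed() {
    [ "$1" -eq 1 ] && return 0
    [ $(( $1 & 4 )) -ne 0 ]
}

# Prints one verdict for a kernel config file ($1) and a runtime sysrq file ($2).
vlock_bypass_status() {
    cfg=${1:-/boot/config-$(uname -r)}
    proc=${2:-/proc/sys/kernel/sysrq}
    if [ -r "$proc" ]; then
        val=$(tr -cd '0-9' < "$proc")
        if [ -z "$val" ]; then echo "unknown"
        elif sak_allowed "$val"; then echo "exposed"
        else echo "runtime-disabled"
        fi
    elif [ ! -r "$cfg" ]; then
        echo "unknown"
    elif grep -q '^CONFIG_MAGIC_SYSRQ=y' "$cfg"; then
        # Compiled in and no runtime switch present: only a rebuild removes it.
        echo "exposed-rebuild-required"
    else
        echo "not-built"
    fi
}

# Constructed sample inputs (not real host data).
demo=$(mktemp -d)
printf 'CONFIG_MAGIC_SYSRQ=y\n' > "$demo/config-vendor"
printf '# CONFIG_MAGIC_SYSRQ is not set\n' > "$demo/config-pristine"
printf '0\n' > "$demo/sysrq-off"
for pair in "config-vendor none" "config-pristine none" "config-vendor sysrq-off"; do
    set -- $pair
    printf '%-16s %-10s %s\n' "$1" "$2" "$(vlock_bypass_status "$demo/$1" "$demo/$2")"
done
rm -rf "$demo"
```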